Key Escrow System “like leaving your key with a neighbour in case of an emergency” 10-11-2009 SSIN – MIEIC Micael Fernando Fonseca Oliveira.


Summary
Key Escrow System (KES)
Escrow third party
KES advantages
KES disadvantages
Clipper Chip
Clipper System Example
Clipper System Vulnerability
Recovery system and session keys

Key Escrow System (KES)
A data security measure in which a copy of a cryptographic key is entrusted to a third party and released only under defined conditions. It ensures that a backup of the key exists in case the parties who normally hold it lose it, and with it access to the data.

Escrow third party
Businesses, which may want access to their employees' encrypted communications.
Governments, which may wish to read the contents of encrypted communications (lawful interception).

KES advantages
Ensures that a backup of the cryptographic key exists, so the data is not lost if the key holders lose the key, whether through a disaster or through malicious intent.

KES disadvantages
New vulnerabilities and risks: the escrow agents and the recovery channel become high-value targets, and a single compromise exposes every escrowed key.
New complexities: key splitting, escrow storage, release procedures and audit.
New costs: building and operating the escrow infrastructure.

Clipper Chip (1)
The Clipper chip is a chipset developed and promoted by the U.S. Government (announced in 1993) as an encryption device to be adopted by telecommunications companies for voice transmission.

Clipper Chip (2)
Designed by the NSA.
Implements the SKIPJACK encryption algorithm, classified at the time (declassified in 1998).
Clipper is the voice-encryption chip (for telephones).
Key-escrow system: the chip's unit key is split into two halves, one held by NIST and one by the Treasury Department.
Manufactured by Mykotronx.

Clipper Chip Message
F = family key, common to all Clipper chips (80 bits)
N = serial number of the chip (32 bits)
K = session key, specific to a particular conversation (80 bits)
U = unit key, secret to this chip (80 bits)
M = the message

Clipper System Example (1)
Let's say that Alice, using a telephone containing a Clipper chip, wants to talk to Bob, who has a similar device. Alice's chip has the unique serial number ID_A and the secret unit key K_A.

Clipper System Example (2)
What key will Alice and Bob use for communicating? Alice and Bob use the Diffie-Hellman mechanism to produce a shared session key K. The chip uses K to encrypt and decrypt the voice data.

Clipper System Example (3)
How does the government learn ID_A in order to obtain K_A? And how would the government, knowing K_A, be able to decrypt the conversation? The information the government needs is transmitted with the conversation in a field known as the LEAF (Law Enforcement Access Field): K encrypted under K_A, together with ID_A and a 16-bit checksum, all encrypted under the family key F.

Clipper System Example (4)
The government:
uses F to decrypt the outer layer of the LEAF, revealing ID_A and K encrypted under K_A;
obtains the two escrowed key halves for the chip with serial number ID_A (one from each escrow agent);
puts the key halves together (with XOR) to reveal K_A;
uses K_A to decrypt K;
uses K to decrypt M (the message).

Clipper System Vulnerability
In 1994, Matt Blaze pointed out that Clipper's escrow system has a vulnerability. To prevent the software that transmitted the message from tampering with the LEAF, the receiving chip verifies only a 16-bit checksum before accepting it; it has no way to check the escrow data itself, since it does not know the sender's unit key. A brute-force search, on average about 2^16 = 65,536 random candidates, produces a bogus LEAF that passes the same 16-bit check. The receiver accepts it and the call is encrypted normally, but the LEAF contains no usable serial number or encrypted session key, so the government cannot recover the conversation.
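The LEAF construction, the government's recovery steps from the previous slides, and Blaze's rogue-LEAF attack, as an added worked example that is not from the original slides or from any Clipper implementation. SKIPJACK is replaced by an HMAC-SHA256 keystream and the never-published LEAF checksum by a keyed 16-bit model with the same width; the family key, unit keys, serial number 0x2A17, the two escrow registries, the IV and the message are all constructed for the example.

```python
"""Toy model of the Clipper LEAF, escrow recovery and Blaze's rogue-LEAF attack.

Added example, not the original slides' or any real Clipper code. SKIPJACK is
replaced by an HMAC-SHA256 keystream and the real (unpublished) LEAF checksum
by a keyed 16-bit model. Key sizes follow the slides: F and U 80 bits, N 32 bits.
"""
import hashlib
import hmac
import secrets

FAMILY_KEY = secrets.token_bytes(10)  # F: 80-bit family key (constructed, not the real one)
ESCROW_NIST = {}                      # serial -> U1, first half of each unit key (constructed)
ESCROW_TREASURY = {}                  # serial -> U2, second half (constructed)


def stream_xor(key, nonce, data):
    """Stand-in for SKIPJACK: XOR data with an HMAC-SHA256(key, nonce||ctr) keystream.
    Symmetric, so the same call encrypts and decrypts."""
    out = bytearray()
    for ctr in range((len(data) + 31) // 32):
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, out))


def leaf_checksum(session_key, iv):
    """16-bit checksum over the session key and IV, keyed with F (model of the real one)."""
    return hmac.new(FAMILY_KEY, b"leaf-csum" + session_key + iv, hashlib.sha256).digest()[:2]


def manufacture_chip(serial):
    """Generate unit key U, split it as U = U1 XOR U2 and escrow one half with each agent."""
    unit_key = secrets.token_bytes(10)
    u1 = secrets.token_bytes(10)
    u2 = bytes(a ^ b for a, b in zip(unit_key, u1))
    ESCROW_NIST[serial] = u1
    ESCROW_TREASURY[serial] = u2
    return unit_key


def build_leaf(serial, unit_key, session_key, iv):
    """LEAF = E_F( E_U(K) || N || checksum ): 10 + 4 + 2 = 16 bytes (128 bits)."""
    inner = (stream_xor(unit_key, b"unit" + iv, session_key)
             + serial.to_bytes(4, "big")
             + leaf_checksum(session_key, iv))
    return stream_xor(FAMILY_KEY, b"leaf" + iv, inner)


def receiver_accepts_leaf(leaf, session_key, iv):
    """Receiving chip: decrypt under F and verify only the 16-bit checksum.
    It does not know the sender's unit key, so it cannot check E_U(K) or N."""
    inner = stream_xor(FAMILY_KEY, b"leaf" + iv, leaf)
    return hmac.compare_digest(inner[14:16], leaf_checksum(session_key, iv))


def government_recover(leaf, iv, ciphertext):
    """Wiretap side: F -> (E_U(K), N) -> escrow halves -> U = U1 XOR U2 -> K -> plaintext.
    Returns None when the serial number is not in the escrow registries."""
    inner = stream_xor(FAMILY_KEY, b"leaf" + iv, leaf)
    enc_k, serial = inner[:10], int.from_bytes(inner[10:14], "big")
    if serial not in ESCROW_NIST or serial not in ESCROW_TREASURY:
        return None
    unit_key = bytes(a ^ b for a, b in zip(ESCROW_NIST[serial], ESCROW_TREASURY[serial]))
    session_key = stream_xor(unit_key, b"unit" + iv, enc_k)
    return stream_xor(session_key, b"data" + iv, ciphertext)


def rogue_leaf(session_key, iv):
    """Blaze (1994): try random 128-bit LEAFs until one passes the receiver's 16-bit check.
    Expected about 2^16 trials; the winner carries no usable E_U(K) or serial number."""
    trials = 0
    while True:
        trials += 1
        candidate = secrets.token_bytes(16)
        if receiver_accepts_leaf(candidate, session_key, iv):
            return candidate, trials


def demo():
    """Run a legitimate call, a lawful recovery, and the rogue-LEAF attack."""
    alice_serial = 0x2A17                      # constructed ID_A
    alice_unit_key = manufacture_chip(alice_serial)
    session_key = secrets.token_bytes(10)      # K: from Diffie-Hellman on the slides, random here
    iv = secrets.token_bytes(8)
    message = b"meet at noon"                  # constructed M
    ciphertext = stream_xor(session_key, b"data" + iv, message)
    leaf = build_leaf(alice_serial, alice_unit_key, session_key, iv)
    fake, trials = rogue_leaf(session_key, iv)
    return {
        "bob_accepts_real": receiver_accepts_leaf(leaf, session_key, iv),
        "government_recovers_real": government_recover(leaf, iv, ciphertext) == message,
        "bob_accepts_rogue": receiver_accepts_leaf(fake, session_key, iv),
        "rogue_trials": trials,
        "government_recovers_rogue": government_recover(fake, iv, ciphertext) == message,
    }


if __name__ == "__main__":
    print(demo())
```

Bob's chip accepts both the genuine and the rogue LEAF, because the only thing it can verify is the checksum; the government recovers the call from the genuine LEAF but gets nothing from the rogue one. The number of trials varies from run to run and is typically in the tens of thousands.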

Recovery system and session keys
Is it possible to use key-recovery systems to recover session keys? In the Clipper design it is: the LEAF carries the session key K encrypted under the escrowed unit key K_A, so once the escrow agents release the two halves of K_A, every session key that chip ever used becomes recoverable, not only the one under investigation.

References
Kaufman, C., Perlman, R., Speciner, M., Network Security: Private Communication in a Public World, second edition, Prentice Hall, 2002.